wp-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to override AI behavior or bypass security protocols. The content is purely educational documentation.- [Data Exposure & Exfiltration] (SAFE): No sensitive data, hardcoded credentials, or unauthorized network operations were detected. The skill recommends using secure WordPress remote request functions instead of raw curl.- [Obfuscation] (SAFE): No encoded strings, zero-width characters, or other obfuscation techniques are present in the files.- [Unverifiable Dependencies] (SAFE): The documentation mentions standard, well-known development tools and packages such as PHPUnit and @wordpress/scripts. No suspicious or remote script executions (e.g., curl|bash) are present.- [Command Execution] (SAFE): Command-line references are limited to standard development workflows like linting and running tests using Composer and NPM/NPX.
Audit Metadata